U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme
Dec 23, 2025Ravie LakshmananFinancial Crime / Law Enforcement The U.S. Justice Department (DoJ) on Monday announced the seizure of a
CISA Adds Digiever Authorization Vulnerability to KEV List Following Active Exploitation
A critical vulnerability affecting Digiever DS-2105 Pro network video recorders was added to the Known Exploited Vulnerabilities (KEV) catalog on
FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks
Dec 23, 2025Ravie LakshmananCybersecurity / Surveillance The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones
Nissan says thousands of customers exposed in Red Hat breach
Nissan Motor Co. Ltd. (Nissan) has confirmed that information of thousands of its customers has been compromised after the data breach
New MacSync malware dropper evades macOS Gatekeeper checks
The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application.
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional
BlindEagle Hackers Attacking Government Agencies with Powershell Scripts
BlindEagle, a South American threat group, has launched a sophisticated campaign against Colombian government agencies, demonstrating an alarming evolution in
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernels POSIX CPU Timers Implementation
A proof-of-concept (PoC) exploit has been publicly released for CVE-2025-38352, a race condition vulnerability affecting the Linux kernel’s POSIX CPU
Romanian water authority hit by ransomware attack over weekend
Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, was hit by a ransomware attack over the weekend. Officials with
Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Dec 22, 2025Ravie LakshmananHacking News / Cybersecurity Cyber threats last week showed how attackers no longer need big hacks to
DIG AI Darknet AI Tool Enabling Threat Actors to Launch Sophisticated Attacks
A new and ominous player has emerged in the rapidly expanding landscape of “Shadow AI.” Researchers at Resecurity have identified
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed